1

A server that sends info (in this case temperature data, every second) through a socket connection which can be listened to.

The goal being to display temperature and dynamically update the value on a webpage, with javascript.

The server cannot be modified.

Gunslinger
  • 1,456
  • 7
  • 22
  • 36

2 Answers2

2

JavaScript can not open arbitrary TCP connections, as that would allow for all kinds of mayhem when combined with services who authenticate based on IP address, or not at all (and are only protected by firewalls). This includes Windows or NFS file shares, your average printer, your average LAN game, your average home router's web interface and lots of enterprise software.

You you cannot really prevent the browser from visiting a malicious site (since that includes visiting a trusted site with malicious ads). If these sites could effect arbitrary TCP connections, they could for example try out every IP address in the RFC 1918 private address ranges, or every IP address in the address range of the organization the client is coming from, and determine what devices you own. That alone would constitute a serious privacy breach, but imagine a malware site finding a printer and then printing out spam in your office once you visit it by accident.

What you can do is use a WebSocket server to translate native TCP to WebSockets. Most Websocket implementations will have such a server as a demonstration app, but you can also use a standalone proxy.

Community
  • 1
  • 1
phihag
  • 278,196
  • 72
  • 453
  • 469
  • 1
    Why mayhem? Sending custom data over raw TCP can have a lot of advantages - from simplicity to optimization. – AlikElzin-kilaka Jun 29 '14 at 18:19
  • @kilaka Well, for one, many services and devices (such as Windows File Shares, local home routers, games, printers, etc.) only connect to or give special preferences to local IP addresses. So if JavaScript would allow arbitrary TCP connections, every malware site could, for example, *print out spam messages* on every connected printer. – phihag Jun 29 '14 at 18:44
  • Disagree - The browser is the initiator of a connection to a specific server/port. It can't really receive arbitrary data (spam) from other servers/machines. – AlikElzin-kilaka Jun 30 '14 at 05:13
  • @kilaka There seems to be a misunderstanding regarding the scenario. I have updated the answer. If you still disagree after reading it, I offer you a presentation. Give me a way to allow arbitrary TCP connections from your browser and visit an example site of mine from a typical computer in your home and office, and I'll demonstrate this. – phihag Jun 30 '14 at 10:01
0

What you need to do is make the connection with PHP, or something else server side, and return the result via AJAX to your JavaScript.

Brad
  • 159,648
  • 54
  • 349
  • 530
  • AJAX is, in general, not really that great for pushes - you'd need a request for each update, i.e. 1 HTTP request per second! Also, using AJAX means that you must be able to handle corner cases such as no output at all, as well as implement a mechanism to not miss updates. If you don't want to use WebSocket, you should really use something like Server-Sent Events. – phihag Feb 05 '12 at 23:26
  • @phihag Note that Firefox can in fact handle server push in XMLHTTPRequest, so it can receive a stream of multiple XML documents. – Neil Feb 05 '12 at 23:49
  • ajax won't open conneciton... ajax keeps requesting wich can be a great mess for a site with many visitors....... – Karue Benson Karue Feb 21 '16 at 19:49
  • 1
    @KarueBensonKarue That all depends on a lot of factors, none of which are relevant to the post above. This person seems to think you can open an arbitrary TCP connection via JavaScript, which is not possible in-browser. The point is that you need *something* server-side to proxy the data. AJAX, Web Sockets, an iframe that gets refreshed, whatever is appropriate for your situation. – Brad Feb 21 '16 at 21:17